compendium
compendium copied to clipboard
Published
20 hours ago •
sambacha
sambacha
The Greatest Collection of anything related to finance and crypto
Compendium
The Greatest Collection of anything related to finance and crypto. (now with zip releases)
Notes
speed up pull
git -c filter.lfs.smudge= -c filter.lfs.required=false pull && git lfs pull
Zero Knwoledge
Crypto Content (zk, obvram, circuts, smpc, etc)
MPC videos
- The 1st BIU Winter School SECURE COMPUTATION AND EFFICIENCY
- The 5th BIU Winter School ADVANCES IN PRACTICAL MULTIPARTY COMPUTATION
- Simons Securing Computation Workshop
- Simons Cryptography Boot Camp
- DIMACS/Columbia Data Science Institute Workshop on Cryptography for Big Data
- DIMACS/MACS Workshop on Cryptography for the RAM Model of Computation
- DIMACS/MACS Workshop on Usable, Efficient, and Formally Verified Secure Computation
Other nice series
Garbled circuits
- An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries, 2017 paper
- Billion-Gate Secure Computation with Malicious Adversaries, 2012 paper
- Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer, 2011 paper
- Fast Cut-and-Choose-Based Protocols for Malicious and Covert Adversaries, 2013 paper
- Two-Output Secure Computation with Malicious Adversaries, 2011 paper
- Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose, 2013 paper
- Amortizing Garbled Circuits, 2014 paper
- Non-Interactive Secure Computation Based on Cut-and-Choose paper
LEGO
- LEGO for Two-Party Secure Computation, 2009 paper
- MiniLEGO: Efficient Secure Two-Party Computation from General Assumptions, 2013 paper
- TinyLEGO: An Interactive Garbling Scheme for Maliciously Secure Two-Party Computation, 2015 paper
- Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO, 2017 paper
General Blockchain
| ID | DUP | AR | Title | Desc | Notes | URL | DOI | |||
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 0 | Blockchain for AI: Review and open research challenges | Application | https://ieeexplore.ieee.org/iel7/6287639/6514899/08598784.pdf | ||||||
| 2 | 0 | A survey on consensus mechanisms and mining strategy management in blockchain networks | No new information or discussion [has a comparison of sharding with scale out papers] | https://ieeexplore.ieee.org/iel7/6287639/6514899/08629877.pdf | ||||||
| 3 | 1 | SoK: Consensus in the age of blockchains | https://dl.acm.org/doi/pdf/10.1145/3318041.3355458 | |||||||
| 4 | 1 | Monoxide: Scale out blockchains with asynchronous consensus zones | improvment (not specific to rapidchain) | https://www.usenix.org/system/files/nsdi19-wang-jiaping.pdf | ||||||
| 5 | 1 | Towards scaling blockchain systems via sharding | Discussion, improvment (not specific to rapidchain), but uses TEE | https://dl.acm.org/doi/pdf/10.1145/3299869.3319889 | ||||||
| 6 | 0 | Proof-of-Stake Sidechains. | Not related to rapidchain or any similar constructions | https://eprint.iacr.org/2018/1239.pdf | ||||||
| 7 | 0 | LightChain: A Lightweight Blockchain System for Industrial Internet of Things | Application | https://cse.buffalo.edu/~wenyaoxu/papers/journal/xu-tii2019.pdf | ||||||
| 8 | 1 | Polyshard: Coded sharding achieves linearly scaling efficiency and security simultaneously | An improvment to sharding? | https://arxiv.org/pdf/1809.10361 | ||||||
| 9 | 1 | A game-theoretic analysis of shard-based permissionless blockchains | Game theory and incentive to similar pconstructions | https://ieeexplore.ieee.org/iel7/6287639/6514899/08558531.pdf | ||||||
| 10 | 1 | Flyclient: Super-Light Clients for Cryptocurrencies. | Minimizing the amount of data needed for verification. But no special relation to rapidchain other than the main author Zamani. | https://eprint.iacr.org/2019/226.pdf | ||||||
| 11 | 0 | Parallel Chains: Improving Throughput and Latency of Blockchain Protocols via Parallel Composition. | Not related to rapidchain | https://pdfs.semanticscholar.org/6116/a7c1c0820e357204e9277901c82bd38c35a5.pdf | ||||||
| 12 | 0 | OHIE: blockchain scaling made simple | Not related to comitte based constructions | https://arxiv.org/pdf/1811.12628 | ||||||
| 13 | 0 | Fine-grained, secure and efficient data provenance on blockchain systems | Does not cite rapidchain | https://dl.acm.org/ft_gateway.cfm?id=3342042&type=pdf | ||||||
| 14 | 1 | BlockchainDB: a shared database on blockchains | Extra storage layer above blockchain, proposes sharding chains as backend. Could this construction allow more effecient transaction storage? | https://dl.acm.org/ft_gateway.cfm?id=3360366&type=pdf | - | |||||
| 15 | 0 | Flash: efficient dynamic routing for offchain networks | Does not cite rapidchain | https://dl.acm.org/doi/pdf/10.1145/3359989.3365411 | ||||||
| 16 | 0 | YODA: Enabling computationally intensive contracts on blockchains with Byzantine and Selfish nodes | Offchain computation | Does not relate to comitee based constructions. But it's results are interesting | https://arxiv.org/pdf/1811.03265 | |||||
| 17 | 0 | Mystiko—Blockchain Meets Big Data | Not related | https://ieeexplore.ieee.org/iel7/8610059/8621858/08622341.pdf | ||||||
| 18 | 1 | Replay attacks and defenses against cross-shard consensus in sharded distributed ledgers | Attack vectors for comitee based sharding | https://arxiv.org/pdf/1901.11218 | ||||||
| 19 | 0 | SoK: A Taxonomy for Layer-2 Scalability Related Protocols for Cryptocurrencies. | not related | https://www.researchgate.net/profile/Mario_Larangeira2/publication/332859444_SoK_A_Taxonomy_for_Layer-2_Scalability_Related_Protocols_for_Cryptocurrencies/links/5ccd585ea6fdccc9dd8b964e/SoK-A-Taxonomy-for-Layer-2-Scalability-Related-Protocols-for-Cryptocurrencies.pdf | ||||||
| 20 | 1 | Velocity: Scalability improvements in block propagation through rateless erasure coding | May provide discussion or improvements on block gossiping. But did not discuss rapidchain at all in this context | https://ieeexplore.ieee.org/iel7/8744142/8751228/08751427.pdf | ||||||
| 21 | 0 | Lightchain: A dht-based blockchain for resource constrained environments | Not related and no relevant discussion | https://arxiv.org/pdf/1904.00375 | ||||||
| 22 | 0 | A survey on consensus protocols in blockchain for iot networks | No relevant discussion | https://arxiv.org/pdf/1809.05613 | ||||||
| 23 | 1 | Proof-of-stake sidechains | https://ieeexplore.ieee.org/iel7/8826229/8835208/08835275.pdf | |||||||
| 24 | 0 | Agent-based simulations of blockchain protocols illustrated via kadena's chainweb | Not relevant | https://ieeexplore.ieee.org/iel7/8790672/8802376/08802494.pdf | ||||||
| 25 | 1 | Ostraka: Secure Blockchain scaling by node sharding | Relevant discussion of attack vectors | https://arxiv.org/pdf/1907.03331 | ||||||
| 26 | 0 | A survey on efficient parallelization of blockchain-based smart contracts | No relevant discussion | https://arxiv.org/pdf/1904.00731 | ||||||
| 27 | 1 | Committee selection is more similar than you think: Evidence from avalanche and stellar | Might provide some relevant discussion on comitte selection | https://arxiv.org/pdf/1904.09839 | ||||||
| 28 | 1 | Sok: Sharding on blockchain | Might provide some relevant discussion on comitte based sharding | https://dl.acm.org/doi/pdf/10.1145/3318041.3355457 | ||||||
| 29 | 1 | Robust and scalable consensus for sharded distributed ledgers | Maybe relevant discussion, and improvment on byzcoin which is in the same research line. From the author of omniledger | https://eprint.iacr.org/2019/676.pdf | ||||||
| 30 | 1 | A security reference architecture for blockchains | Security and attack vectors | https://ieeexplore.ieee.org/iel7/8938397/8946120/08946197.pdf | ||||||
| 31 | 0 | Anchoring the value of Cryptocurrency | economics | https://ieeexplore.ieee.org/iel7/9040368/9050160/09050264.pdf | ||||||
| 32 | 1 | SeF: A secure fountain architecture for slashing storage costs in blockchains | May provide discussion or improvements on block gossiping. But did not discuss rapidchain much in this context | https://arxiv.org/pdf/1906.12140 | ||||||
| 33 | 0 | Segment blockchain: A size reduced storage mechanism for blockchain | Does not cite rapidchain. | https://ieeexplore.ieee.org/iel7/6287639/8948470/08957450.pdf | ||||||
| 34 | 1 | Don't Mine, Wait in Line: Fair and Efficient Blockchain Consensus with Robust Round Robin | A little bit of dicussion on rapidchain | https://arxiv.org/pdf/1804.07391 | ||||||
| 35 | 1 | On the Security of Blockchain Consensus Protocols | Might provide some security discussion | https://link.springer.com/content/pdf/10.1007%2F978-3-030-05171-6_24.pdf | x | |||||
| 36 | 1 | Cycledger: A scalable and secure parallel protocol for distributed ledger via sharding | A successor to rapidchain? | https://arxiv.org/pdf/2001.06778 | ||||||
| 37 | 1 | Design and Implementation of a Scalable IoT-based Blockchain | A successor to rapidchain? Might provide some good comitte based sharding details | https://files.ifi.uzh.ch/CSG/staff/Rafati/Kursat-Aydinli-MA.pdf | ||||||
| 38 | 1 | A flexible n/2 adversary node resistant and halting recoverable blockchain sharding protocol | Might provide good discussion | https://onlinelibrary.wiley.com/doi/pdf/10.1002/cpe.5773 | ||||||
| 39 | 1 | Sok: Communication across distributed ledgers | Discussion on cross-chain communication | http://www0.cs.ucl.ac.uk/staff/M.AlBassam/publications/crosschain.pdf | ||||||
| 40 | 1 | A methodology for a probabilistic security analysis of sharding-based blockchain protocols | security analysis | http://www.iro.umontreal.ca/~ahafid/docs/Hafid-blockchain.pdf | ||||||
| 41 | 0 | XBlock-EOS: Extracting and Exploring Blockchain Data From EOSIO | not relevant | https://arxiv.org/pdf/2003.11967 | ||||||
| 42 | 0 | Microchain: A Hybrid Consensus Mechanism for Lightweight Distributed Ledger for IoT | not relevant | https://arxiv.org/pdf/1909.10948 | ||||||
| 43 | 1 | The Security Reference Architecture for Blockchains: Towards a Standardized Model for Studying Vulnerabilities, Threats, and Defenses | security | https://arxiv.org/pdf/1910.09775 | ||||||
| 44 | 1 | Scalable network-coded PBFT consensus algorithm | reducing communication burden | https://ieeexplore.ieee.org/iel7/8827389/8849208/08849573.pdf | ||||||
| 45 | 0 | Public blockchains scalability: An examination of sharding and segregated witness | not relevant | |||||||
| 46 | 0 | Hyperservice: Interoperability and programmability across heterogeneous blockchains | Does not cite rapidchain | https://dl.acm.org/doi/pdf/10.1145/3319535.3355503 | ||||||
| 47 | 1 | Divide and Scale: Formalization of Distributed Ledger Sharding Protocols | Formalization of rapidchain and detailed analysis? | https://arxiv.org/pdf/1910.10434 | ||||||
| 48 | 0 | Solutions to scalability of blockchain: A survey | No relevant discussion | https://ieeexplore.ieee.org/iel7/6287639/8948470/08962150.pdf | ||||||
| 49 | 1 | Survey: Sharding in blockchains | Very relevant. (And also manalysis ethereum 2.0) | https://ieeexplore.ieee.org/iel7/6287639/8948470/08954616.pdf | ||||||
| 50 | 0 | Open infrastructure for edge: A distributed ledger outlook | not relevant | https://www.usenix.org/system/files/hotedge19-paper-zavodovski_0.pdf | ||||||
| 51 | 1 | How to Securely Prune Bitcoin's Blockchain | block pruning | https://arxiv.org/pdf/2004.06911 | ||||||
| 52 | 0 | Replicated state machines without replicated execution | not relevant | https://eprint.iacr.org/2020/195.pdf | ||||||
| 53 | 0 | Evaluation and Improving Scalability of the BAZO Blockchain | not relevant | https://files.ifi.uzh.ch/CSG/staff/Rafati/Fabio-Maddaloni-BA.pdf | ||||||
| 54 | 0 | Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity Services | not relevant | https://arxiv.org/pdf/2004.06386 | ||||||
| 55 | 0 | Resilientdb: Global scale resilient blockchain fabric | Not relevant | https://arxiv.org/pdf/2002.00160 | ||||||
| 56 | 0 | Managing QoS of Internet-of-Things Services Using Blockchain | Not relevant | https://ieeexplore.ieee.org/iel7/6570650/6780646/08741207.pdf | ||||||
| 57 | 0 | Platypus: Offchain Protocol Without Synchrony | Not relevant | https://ieeexplore.ieee.org/iel7/8930311/8935004/08935037.pdf | ||||||
| 58 | 0 | 区块链共识机制研究综述 | Not in english | http://www.jcr.cacrnet.org.cn/CN/article/downloadArticleFile.do?attachType=PDF&id=343 | ||||||
| 59 | 1 | Gas Consumption-Aware Dynamic Load Balancing in Ethereum Sharding Environments | An alternative way of assigning transactions? But does not discuss rapidchain at all | https://ieeexplore.ieee.org/iel7/8785421/8791939/08791945.pdf | ||||||
| 60 | 0 | Pledge: a private ledger based decentralized data sharing framework | Not relevant | https://ieeexplore.ieee.org/iel7/8728125/8732845/08732913.pdf | ||||||
| 61 | 0 | Proof-of-Execution: Reaching Consensus through Fault-Tolerant Speculation | No relevant discussion | https://arxiv.org/pdf/1911.00838 | ||||||
| 62 | 0 | Flow: Separating Consensus and Compute | not a paper??? | |||||||
| 63 | 0 | SSHTDNS: A Secure, Scalable and High-Throughput Domain Name System via Blockchain Technique | Not relevant | https://scholar.google.com/scholar?output=instlink&q=info:9l1bEyD_hZoJ:scholar.google.com/&hl=en&as_sdt=1,5&sciodt=1,5&scillfp=15012720131320130813&oi=lle | ||||||
| 64 | 0 | Exploring heterogeneity in loosely consistent decentralized data replication | No relevant discussion | https://hal.inria.fr/tel-01964628/document | ||||||
| 65 | 0 | Blockchain business networks: Understanding the value proposal within centralized and decentralized governance structures | Not relevant | http://www.diva-portal.org/smash/get/diva2:1339471/FULLTEXT02 | ||||||
| 66 | 0 | Serializability and Heterogeneous Trust from Two Phase Commit to Blockchains | No relevant discussion | https://ecommons.cornell.edu/bitstream/handle/1813/67616/Sheff_cornellgrad_0058F_11665.pdf?sequence=1 | ||||||
| 67 | 0 | An Adaptive Modular-Based Compression Scheme for Address Data in the Blockchain System | No relevant discussion | https://link.springer.com/content/pdf/10.1007%2F978-981-15-2777-7_13.pdf | ||||||
| 68 | 0 | Eunomia: A Permissionless Parallel Chain Protocol Based on Logical Clock | No relevant discussion | https://arxiv.org/pdf/1908.07567 | ||||||
| 69 | 0 | SoK: Layer-Two Blockchain Protocols | Not relevant | https://pure.tudelft.nl/portal/files/69224849/150.pdf | ||||||
| 70 | 1 | Technical Whitepaper | Harmony | Migth provide relevant discussion | https://static2.coinpaprika.com/storage/cdn/whitepapers/10576969.pdf | |||||
| 71 | 0 | Aplos: Smart Contracts Made Smart | Not relevant | https://link.springer.com/chapter/10.1007/978-981-15-2777-7_35 | ||||||
| 72 | 0 | Secure Balance Planning of Off-blockchain Payment Channel Networks | Not relevant | https://www.u-aizu.ac.jp/~pengli/files/pcn_planning_infocom2020.pdf | ||||||
| 73 | 0 | Validating pairwise transactions on cryptocurrencies: a novel heuristics and network simulation | Not relevant | https://link.springer.com/article/10.1007/s42786-018-00003-5 | ||||||
| 74 | 0 | An Approach of Secure Two-Way-Pegged Multi-sidechain | No relevant discussion | https://link.springer.com/chapter/10.1007/978-3-030-38961-1_47 | ||||||
| 75 | 1 | 0 | Flash: E icient Dynamic Routing for O chain Networks | http://www.cs.jhu.edu/~xinjin/files/CoNEXT19_Flash.pdf | ||||||
| 76 | 0 | XBlock-ETH: Extracting and Exploring Blockchain Data From Etherem | Not relevant | https://arxiv.org/pdf/1911.00169 | ||||||
| 77 | 0 | Blockchain based Decentralized Applications: Technology Review and Development Guidelines | No relevant discussion | https://arxiv.org/pdf/2003.07131 | ||||||
| 78 | 1 | Practicability of blockchain technology and scalable blockchain network: sharding | Optimized transaction routing/gossiping? | https://minds.wisconsin.edu/bitstream/handle/1793/79576/AbdoulYigoThesis.pdf?sequence=1&isAllowed=y | ||||||
| 79 | 0 | A Framework for Blockchain-Based Verification of Integrity and Authenticity | https://link.springer.com/chapter/10.1007/978-3-030-33716-2_15 | |||||||
| 80 | 0 | Apex: a High-Performance Hierarchical Distributed Ledger | No relevant discussion | https://ieeexplore.ieee.org/iel7/8924808/8939160/08939189.pdf | ||||||
| 81 | 0 | Core Concepts, Challenges, and Future Directions in Blockchain: A Centralized Tutorial | No relevant discussion | https://dl.acm.org/doi/pdf/10.1145/3366370 | ||||||
| 82 | 0 | Gnocchi: Multiplexed Payment Channels for Cryptocurrencies | Not relevant | https://scholar.google.com/scholar?output=instlink&q=info:ZbHcPnTaVSIJ:scholar.google.com/&hl=en&as_sdt=1,5&sciodt=1,5&scillfp=4546932450360448581&oi=lle | ||||||
| 83 | 0 | Decentralized Authorization with Private Delegation | Not relevant | https://escholarship.org/uc/item/8r20m39b | ||||||
| 84 | 1 | Scaling Blockchain Databases through Parallel Resilient Consensus Paradigm | Maybe a better bft protocol? | https://arxiv.org/pdf/1911.00837 | ||||||
| 85 | 0 | Consolidating Hash Power in Blockchain Shards with a Forest | Not relevant | https://link.springer.com/chapter/10.1007/978-3-030-42921-8_18 | ||||||
| 86 | 0 | Efficient Transaction Processing in Byzantine Fault Tolerant Environments | Not a paper | https://jhellings.nl/files/htps2019_paper.pdf | ||||||
| 87 | 0 | Blockguard: Adaptive Blockchain Security | Not relevant | https://arxiv.org/pdf/1907.13232 | ||||||
| 88 | 0 | PIRATE: A Blockchain-based Secure Framework of Distributed Machine Learning in 5G Networks | Not relevant | https://arxiv.org/pdf/1912.07860 | ||||||
| 89 | 0 | Smart Contracts on the Move | Not relevant | https://arxiv.org/pdf/2004.05933 | ||||||
| 90 | 0 | Decentralized Platform for Investments and Operation of Energy Communities | Not relevant | https://ieeexplore.ieee.org/iel7/8962268/8974850/08975165.pdf | ||||||
| 91 | 0 | Software-Defined Infrastructure for Decentralized Data Lifecycle Governance: Principled Design and Open Challenges | Not relevant | https://ieeexplore.ieee.org/iel7/8867821/8884790/08885317.pdf | ||||||
| 92 | 0 | Guaranteed-TX: The exploration of a guaranteed cross-shard transaction execution protocol for Ethereum 2.0. | Not relevant | http://essay.utwente.nl/79884/1/Wels_MA_EEMCS.pdf | ||||||
| 93 | 0 | Addressing Scalability and Storage issues in Block Chain using Sharding | No access to paper | |||||||
| 94 | 0 | Reliable inter-blockchain communication framework for improving scalability | No access to paper (preprint) | https://www.researchgate.net/profile/Liu_Keyang/publication/334453300_Reliable_Inter-Blockchain_Protocol_for_improving_scalability/links/5d888025458515cbd1b3c4bb/Reliable-Inter-Blockchain-Protocol-for-improving-scalability.pdf | ||||||
| 95 | 0 | Technical Report Fides: Managing Data on Untrusted Infrastructure | Not relevant | https://sites.cs.ucsb.edu/~sujaya_maiyya/assets/papers/Fides.pdf | ||||||
| 96 | 0 | A Blockchain Traceable Scheme with Oversight Function | Not relevant | https://eprint.iacr.org/2020/311.pdf | ||||||
| 97 | 0 | Local Bitcoin Network Simulator for Performance Evaluation using Lightweight Virtualization | Not relevant | https://arxiv.org/pdf/2002.01243 | ||||||
| 98 | 1 | GARET: improving throughput using gas consumption-aware relocation in Ethereum sharding environments | An alternative way of assigning transactions? | https://link.springer.com/article/10.1007/s10586-020-03087-1 | ||||||
| 99 | 0 | Effective scaling of blockchain beyond consensus innovations and Moore's law | No relevant discussion | https://arxiv.org/pdf/2001.01865 | ||||||
| 100 | 0 | Beyond Replications in Blockchain | Not relevant | https://www.researchgate.net/profile/Shlomi_Dolev/publication/333813003_Beyond_Replications_in_Blockchain_OnOff-Blockchain_IDA_for_Storage_Efficiency_and_Confidentiality_Brief_Announcement/links/5dd2320c299bf1b74b4b3985/Beyond-Replications-in-Blockchain-On-Off-Blockchain-IDA-for-Storage-Efficiency-and-Confidentiality-Brief-Announcement.pdf | ||||||
| 101 | 1 | On the Feasibility of Sybil Attacks in Shard-Based Permissionless Blockchains | security and attack vectors | https://arxiv.org/pdf/2002.06531 | ||||||
| 102 | 0 | A Practical Dynamic Enhanced BFT Protocol | No relevant discussion | https://scholar.google.com/scholar?output=instlink&q=info:xWWIb0aIvVYJ:scholar.google.com/&hl=en&as_sdt=1,5&sciodt=1,5&scillfp=11267631656067756812&oi=lle | ||||||
| 103 | 0 | Sharding Is Scaling (Blockchain) | An unfinnished paper? What? | https://cdn.occloxium.com/g/seminar/55ea2bae/template_final.pdf | ||||||
| 104 | 0 | Enhancing Autonomy with Blockchain and Multi-Acess Edge Computing in Distributed Robotic Systems | Not relevant | https://tiers.utu.fi/static/papers/queralta2020enhancing.pdf | ||||||
| 105 | 0 | DiPETrans: A Framework for Distributed Parallel Execution of Transactions of Blocks in Blockchain | No relevant discussion | https://arxiv.org/pdf/1906.11721 | ||||||
| 106 | 0 | Multi-Stage Proof-of-Work Blockchain. | No relevant discussion | https://pdfs.semanticscholar.org/f450/71da7486af515d4d1982cd20098b11fa9fd6.pdf | ||||||
| 107 | 0 | A Survey on Consensus Methods in Blockchain for Resource-constrained IoT Networks | No relevant discussion | https://www.techrxiv.org/articles/A_Survey_on_Consensus_Methods_in_Blockchain_for_Resource-constrained_IoT_Networks/12152142/files/22344654.pdf | ||||||
| 108 | 1 | A Generic Sharding Scheme for Blockchain Protocols | https://arxiv.org/pdf/1909.01162 | |||||||
| 109 | 1 | Lever: Breaking the Shackles of Scalable On-chain Validation | Takes inspiration from rapidchain | https://pdfs.semanticscholar.org/6fd1/705cf99c5d57bde230b3e9143c874e874d95.pdf | ||||||
| 110 | 0 | Thinkey: A Scalable Blockchain Architecture | Does not state correct information on rapidchain and does not offer a discussion or argument to their statements. | https://arxiv.org/pdf/1904.04560 | ||||||
| 111 | 0 | Hybrid-BFT: Optimistically Responsive Synchronous Consensus with Optimal Latency or Resilience | No relevant discussion | https://eprint.iacr.org/2020/406.pdf | ||||||
| 112 | 0 | Flow: Separating Consensus and Compute | No relevant discussion | https://arxiv.org/pdf/1909.05821 | ||||||
| 113 | 0 | Snappy: Fast On-chain Payments with Practical Collaterals | No relevant discussion | https://arxiv.org/pdf/2001.01278 | ||||||
| 114 | 0 | Trust-Based Shard Distribution Scheme for Fault-Tolerant Shard Blockchain Networks | No relevant discussion | https://ieeexplore.ieee.org/iel7/6287639/8600701/08840847.pdf | ||||||
| 115 | 1 | A Node Rating Based Sharding Scheme for Blockchain | Node assigment based on speed | https://ieeexplore.ieee.org/iel7/8961328/8975714/08975842.pdf | ||||||
| 116 | 0 | Efficient Transaction Processing in Byzantine Fault Tolerant Environments | Just an abstract, full paper not available | https://gupta-suyash.github.io/hpts_abstract.pdf | ||||||
| 117 | 0 | Design and Optimization for Storage Mechanism of the Public Blockchain Based on Redundant Residual Number System | No relevant discussion and outside the field of sharding | https://ieeexplore.ieee.org/iel7/6287639/8600701/08767923.pdf | ||||||
| 118 | 0 | Fission: A Provably Fast, Scalable, and Secure Permissionless Blockchain | Focus on reducing message prop. relays | No relevant discussion | https://arxiv.org/pdf/1812.05032 | |||||
| 119 | 0 | Reliable Inter-Blockchain Protocol for improving scalability | Paper not available | |||||||
| 120 | 0 | A State-aware Proof of Stake Consensus Protocol for Power System Resilience | No relevant discussion. | https://dl.acm.org/doi/pdf/10.1145/3307772.3330177 | ||||||
| 121 | 0 | SkyEye: A Traceable Scheme for Blockchain | Not relevant | https://eprint.iacr.org/2020/034.pdf | ||||||
| 122 | 1 | A Fair Selection Protocol for Committee-based Permissionless Blockchains | relevant | https://www.sciencedirect.com/science/article/pii/S0167404820300055 | ||||||
| 123 | 0 | Incentive Analysis of Bitcoin-NG, Revisited | No relevant discussion | https://arxiv.org/pdf/2001.05082 | ||||||
| 124 | 0 | Boros: Secure Cross-Channel Transfers via Channel Hub | No relevant discussion | https://arxiv.org/pdf/1911.12929 | ||||||
| 125 | 1 | Bootstrapping Consensus Without Trusted Setup: Fully Asynchronous Distributed Key Generation | Bootstrapping | https://eprint.iacr.org/2019/1015.pdf | ||||||
| 126 | 1 | SharPer: Sharding Permissioned Blockchains Over Network Clusters | Relevant discussion | https://arxiv.org/pdf/1910.00765 | ||||||
| 127 | 0 | Scalable Blockchain Protocol Based on Proof of Stake and Sharding | No relevant discussion | |||||||
| 128 | 0 | Charlotte: Composable Authenticated Distributed Data Structures, Technical Report | No relevant discussion | https://arxiv.org/pdf/1905.03888 | ||||||
| 129 | 0 | Verifiable and Auditable Digital Interchange Framework | No relevant discussion | https://arxiv.org/pdf/2001.03717 | ||||||
| 130 | 0 | Towards Private, Robust, and Verifiable Crowdsensing Systems via Public Blockchains | No relevant discussion | https://ieeexplore.ieee.org/iel7/8858/4358699/08839417.pdf | ||||||
| 131 | 1 | Multichain-MWPoW: A Adversary Power Resistant Blockchain Sharding Approach to a Decentralised Autonomous Organisation Architecture | Might provide some relevant discussion | https://arxiv.org/pdf/2004.04798 | ||||||
| 132 | 0 | Contract-connection: An efficient communication protocol for Distributed Ledger Technology | No relevant discussion | https://ieeexplore.ieee.org/iel7/8955479/8958711/08958730.pdf | ||||||
| 133 | 1 | A Secure and Practical Blockchain Scheme for IoT | Compares it self with rapidchain | https://ieeexplore.ieee.org/iel7/8883860/8887294/08887375.pdf | ||||||
| 134 | 1 | An n/2 Byzantine node tolerate Blockchain Sharding approach | A successor? | https://arxiv.org/pdf/2001.05240 | ||||||
| 135 | 0 | ShallowForest: Optimizing All-to-All Data Transmission in WANs | No relevant discussion | https://uwspace.uwaterloo.ca/bitstream/handle/10012/14690/Hao_Tan_Thesis.pdf?sequence=1&isAllowed=y | ||||||
| 136 | 0 | BAASH: Enabling Blockchain-as-a-Service on High-Performance Computing Systems | No relevant discussion | https://arxiv.org/pdf/2001.07022 | ||||||
| 137 | 0 | Elastico as an ordering service in Hyperledger Fabric | No relevant discussion | https://security.cse.iitk.ac.in/sites/default/files/17111010.pdf | ||||||
| 138 | 1 | Load Balancing for Sharded Blockchains | load balancing | http://fc20.ifca.ai/wtsc/WTSC2020/WTSC20_paper_7.pdf | ||||||
| 139 | 0 | A Study on Security and Privacy related Issues in Blockchain Based Applications | No relevant discussion | https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8991214 | ||||||
| 140 | 1 | Progress on the Use of Sharding to Enhance Blockchain Scalability | very relevant. Compares elastico omniledger and rapidchain. | https://cdn.occloxium.com/g/seminar/3947cec6/paper.pdf | ||||||
| 141 | 0 | Blockchain System for 5G Network Sharing | No relevant discussion | https://i.cs.hku.hk/fyp/2019/fyp19037/assets/docs/proj_plan.pdf | ||||||
| 142 | 0 | On the information theory of clustering, registration, and blockchains | No relevant discussion | https://www.ideals.illinois.edu/bitstream/handle/2142/104833/RAMAN-DISSERTATION-2019.pdf?sequence=1&isAllowed=y | ||||||
| 143 | 1 | 0 | GARET: improving throughput using gas consumption-aware relocation in Ethereum sharding environments | https://lass.sogang.ac.kr/pdf/2020/intl_jour/Cluster_Computing_2020_SWoo.pdf | ||||||
| 144 | 0 | Improving the Efficiency of Blockchain Applications with Smart Contract based Cyber-insurance | Not relevant | http://faculty.cs.njupt.edu.cn/~xujia/Paper/2020ICC.pdf | ||||||
| 145 | 0 | Scalable and Efficient Data Authentication for Decentralized Systems | Does not cite rapidchain, and no relevant discussion. | https://arxiv.org/pdf/1909.11590 | ||||||
| 146 | 0 | Blockchain enabled Named Data Networking for Secure Vehicle-to-Everything Communications | No relevant discussion | https://ieeexplore.ieee.org/iel7/65/7593428/09023466.pdf | ||||||
| 147 | 0 | Permissioned Blockchain Through the Looking Glass: Architectural and Implementation Lessons Learned | Permissioned and No relevant discussion | https://arxiv.org/pdf/1911.09208 | ||||||
| 148 | 0 | Fides: Managing Data on Untrusted Infrastructure | Not relevant | https://arxiv.org/pdf/2001.06933 | ||||||
| 149 | 0 | Do you need a blockchain in construction? Use case categories and decision framework for DLT design options | Not relevant | https://www.sciencedirect.com/science/article/pii/S147403462030063X | ||||||
| 150 | 0 | Microchain: a Light Hierarchical Consensus Protocol for IoT System | No relevant discussion | https://arxiv.org/pdf/1912.10357 | ||||||
| 151 | 0 | A Robust Throughput Scheme for Bitcoin Network without Block Reward | No relevant discussion | https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8855462 | ||||||
| 152 | 1 | New Mathematical Model to Analyze Security of Sharding-Based Blockchain Protocols | Analysis | https://ieeexplore.ieee.org/iel7/6287639/8600701/08936849.pdf | ||||||
| 153 | 0 | GCBlock: A Grouping and Coding Based Storage Scheme for Blockchain System | Not relevant | https://ieeexplore.ieee.org/iel7/6287639/8948470/09025067.pdf | ||||||
| 154 | 0 | Comparison Between Bitcoin and Quarkchain | Full paper not accessible | https://www.ingentaconnect.com/content/asp/jctn/2019/00000016/00000003/art00005 | ||||||
| 155 | 0 | Projektbericht für die QS Qualität und Sicherheit GmbH, Bonn | Not in english | https://www.q-s.de/services/files/qs-wissenschaftsfonds/Forschungsbericht-Ermittlung-Potenziale-ausgew%C3%A4hlte-Distri.pdf | ||||||
| 3 | 45 |
Fuzzing
Note
The sole purpose of this repository is to help me organize recent academic papers related to fuzzing, binary analysis, IoT security, and general exploitation. This is a non-exhausting list, even though I'll try to keep it updated... Feel free to suggest decent papers via a PR.
Papers and Links
- 2021 - An Empirical Study of OSS-Fuzz Bugs
- Tags: flaky bugs, clusterfuzz, sanitizer, bug detection, bug classification, time-to-fix, time-to-detect
- 2020 - Corpus Distillation for Effective Fuzzing
- Tags: corpus minimization, afl-cmin, google fuzzer test suite, FTS, minset, AFL
- 2020 - Symbolic execution with SymCC: Don't interpret, compile!
- Tags: KLEE, QSYM, LLVM, C, C++, compiler, symbolic execution, concolic execution, source code level, IR, angr, Z3, DARPA corpus, AFL
- 2020 - WEIZZ: Automatic Grey-Box Fuzzing for Structured Binary Formats
- Tags: REDQUEEN, chunk-based formats, AFLSmart, I2S, checksums, magix bytes, QEMU, Eclipser, short fuzzing runs,
- 2020 - Efficient Binary-Level Coverage Analysis
- Tags: bcov, detour + trampoline, basic block coverage, sliced microexecution, superblocks, strongly connected components, dominator graph, BAP, angr, IDA, DynamoRIO, Intel PI, BAP, angr, IDA, DynamoRIO, Intel PIN
- 2020 - Test-Case Reduction via Test-Case Generation: Insights From the Hypothesis Reducer
- Tags: Test case reducer, property based testing, CSmith, test case generation, hierachical delta debugging
- 2020 - AFL++: Combining Incremental Steps of Fuzzing Research
- Tags: AFL++, AFL, MOpt, LAF-Intel, Fuzzbench, Ngram, RedQueen, Unicorn, QBDI, CmpLog, AFLFast
- 2020 - FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware
- Tags: Ghdira, static analysis, sound disassembly, base address finder, BLE, vulnerability discovery
- 2020 - P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling
- Tags: HALucinator, emulation, firmware, QEMU, AFL, requires source, MCU, peripheral abstraction
- 2020 - What Exactly Determines the Type? Inferring Types with Context
- Tags: context assisted type inference, stripped binaries, variable and type reconstruction, IDA Pro, Word2Vec, CNN,
- 2020 - Causal Testing: Understanding Defects’ Root Causes
- Tags: Defects4J, causal relationships, Eclipse plugin, unit test mutation, program trace diffing, static value diffing, user study
- 2020 - AURORA: Statistical Crash Analysis for Automated Root Cause Explanation
- Tags: RCA, program traces, input diversification, Intel PIN, Rust, CFG,
- 2020 - ParmeSan: Sanitizer-guided Greybox Fuzzing
- Tags: interprocedural CFG, data flow analysis, directed fuzzing (DGF), disregarding 'hot paths', LAVA-M based primitives, LLVM, Angora, AFLGo, ASAP, santizer dependent
- 2020 - Magma: A Ground-Truth Fuzzing Benchmark
- Tags: best practices, fuzzer benchmarking, ground truth, Lava-M
- 2020 - Fitness Guided Vulnerability Detection with Greybox Fuzzing
- Tags: AFL, vuln specific fitness metric (headroom), buffer/integer overflow detection, AFLGo, pointer analysis, CIL, bad benchmarking
- 2020 - GREYONE: Data Flow Sensitive Fuzzing
- Tags: data-flow fuzzing, taint-guided mutation, input prioritization, constraint conformance, REDQUEEN, good evaluation, VUzzer
- 2020 - FairFuzz-TC: a fuzzer targeting rare branches
- Tags: AFL, required seeding, branch mask
- 2020 - Fitness Guided Vulnerability Detection with Greybox Fuzzing
- Tags: AFL, vuln specific fitness metric (headroom), buffer/integer overflow detection, AFLGo, pointer analysis, CIL, bad evaluation
- 2020 - TOFU: Target-Oriented FUzzer
- Tags: DGF, structured mutations, staged fuzzing/learning of cli args, target fitness, structure aware, Dijkstra for priority, AFLGo, Superion
- 2020 - FuZZan: Efficient Sanitizer Metadata Design for Fuzzing
- Tags:: sanitizer metadata, optimization, ASAN, MSan, AFL
- 2020 - Boosting Fuzzer Efficiency: An Information Theoretic Perspective
- Tags:: Shannon entropy, seed power schedule, libfuzzer, active SLAM, DGF, fuzzer efficiency
- 2020 - Learning Input Tokens for Effective Fuzzing
- Tags: dynamic taint tracking, parser checks, magic bytes, creation of dict inputs for fuzzers
- 2020 - A Review of Memory Errors Exploitation in x86-64
- Tags: NX, canaries, ASLR, new mitigations, mitigation evaluation, recap on memory issues
- 2020 - SoK: The Progress, Challenges, and Perspectives of Directed Greybox Fuzzing
- Tags: SoK, directed grey box fuzzing, AFL, AFL mutation operators, DGF vs CGF
- 2020 - MemLock: Memory Usage Guided Fuzzing
- Tags: memory consumption, AFL, memory leak, uncontrolled-recursion, uncontrolled-memory-allocation, static analysis
- 2019 - Matryoshka: Fuzzing Deeply Nested Branches
- Tags: AFL, QSYM, Angora, path constraints, nested conditionals, (post) dominator trees, gradient descent, REDQUEEN, LAVA-M
- 2019 - Building Fast Fuzzers
- Tags: grammar based fuzzing, optimization, bold claims, comparison to badly/non-optimized fuzzers, python, lots of micro-optimizations, nice protocolling of failures, bad ASM optimization
- 2019 - Not All Bugs Are the Same: Understanding, Characterizing, and Classifying the Root Cause of Bugs
- Tags: RCA via bug reports, classification model, F score,
- 2019 - AntiFuzz: Impeding Fuzzing Audits of Binary Executables
- Tags: anti fuzzing, prevent crashes, delay executions, obscure coverage information, overload symbolic execution
- 2019 - MOpt: Optimized Mutation Scheduling for Fuzzers
- Tags: mutation scheduling, particle swarm optimization (PSO), AFL, AFL mutation operators, VUzzer,
- 2019 - FuzzFactory: Domain-Specific Fuzzing with Waypoints
- Tags: domain-specific fuzzing, AFL, LLVM, solve hard constraints like cmp, find dynamic memory allocations, binary-based
- 2019 - Fuzzing File Systems via Two-Dimensional Input Space Exploration
- Tags: Ubuntu, file systems, library OS, ext4, brtfs, meta block mutations, edge cases
- 2019 - REDQUEEN: Fuzzing with Input-to-State Correspondence
- Tags: feedback-driven, AFL, magic-bytes, nested contraints, input-to-state correspondence, I2S
- 2019 - PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
- Tags: kernel, android, userland, embedded, hardware, Linux, device driver, WiFi
- 2019 - FirmFuzz: Automated IoT Firmware Introspection and Analysis
- Tags: emulation, firmadyne, BOF, XSS, CI, NPD, semi-automatic
- 2019 - Firm-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation
- Tags: emulation, qemu, afl, full vs user mode, syscall redirect, "augmented process emulation", firmadyne
- 2018 - A Survey of Automated Root Cause Analysisof Software Vulnerability
- Tags: Exploit mitigations, fuzzing basics, symbolic execution basics, fault localization, high level
- 2018 - PhASAR: An Inter-procedural Static Analysis Framework for C/C++
- Tags: LLVM, (inter-procedural) data-flow analysis, call-graph, points-to, class hierachy, CFG, IR
- 2018 - INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing
- Tags: LLVM, instrumentation optimization, graph algorithms, selective instrumentation, coverage calculation
- 2018 - What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
- Tags: embedded, challenges, heuristics, emulation, crash classification, fault detection
- 2018 - Evaluating Fuzz Testing
- Tags: fuzzing evaluation, good practices, bad practices
- 2017 - Root Cause Analysis of Software Bugs using Machine Learning Techniques
- Tags: ML, RC prediction for filed bug reports, unsupervised + supervised combination, RC categorisation, F score
- 2017 - kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
- Tags: intel PT, kernel, AFL, file systems, Windows, NTFS, Linux, ext, macOS, APFS, driver, feedback-driven
- 2016 - Driller: Argumenting Fuzzing Through Selective Symbolic Execution
- Tags: DARPA, CGC, concolic execution, hybrid fuzzer, binary based
- 2015 - Challenges with Applying Vulnerability Prediction Models
- Tags: VPM vs DPM, prediction models on large scale systems, files with frequent changes leave more vulns, older code exhibits more vulns
- 2014 - Optimizing Seed Selection for Fuzzing
- Tags: BFF, (weighted) minset, peach, cover set problem, seed transferabilty, time minset, size minset, round robin
- 2013 - Automatic Recovery of Root Causes from Bug-Fixing Changes
- Tags: ML + SCA, F score, AST, PPA, source tree analysis
General fuzzing implementations
- 2021 - Scalable Fuzzing of Program Binaries with E9AFL
- 2021 - BigMap: Future-proofing Fuzzers with Efficient Large Maps
- 2021 - Token-Level Fuzzing
- 2021 - Hashing Fuzzing: Introducing Input Diversity to Improve Crash Detection
- 2021 - LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating
- 2021 - ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities
- 2021 - FIRM-COV: High-Coverage Greybox Fuzzing for IoT Firmware via Optimized Process Emulation
- 2021 - KCFuzz: Directed Fuzzing Based on Keypoint Coverage
- 2021 - TCP-Fuzz: Detecting Memory and Semantic Bugs in TCP Stacks with Fuzzing
- 2021 - Fuzzing with optimized grammar-aware mutation strategies
- 2021 - Directed Fuzzing for Use-After-FreeVulnerabilities Detection
- 2021 - RapidFuzz: Accelerating Fuzzing via Generative Adversarial Networks
- 2021 - DIFUZZRTL: Differential Fuzz Testing to FindCPU Bugs
- 2021 - Z-Fuzzer: device-agnostic fuzzing of Zigbee protocol implementation
- 2021 - Fuzzing with Multi-dimensional Control of Mutation Strategy
- 2021 - Using a Guided Fuzzer and Preconditions to Achieve Branch Coverage with Valid Inputs
- 2021 - RIFF: Reduced Instruction Footprint for Coverage-Guided Fuzzing
- 2021 - CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing
- 2021 - Seed Selection for Successful Fuzzing
- 2021 - Gramatron: Effective Grammar-Aware Fuzzing
- 2021 - Hyntrospect: a fuzzer for Hyper-V devices
- 2021 - FUZZOLIC: mixing fuzzing and concolic execution
- 2021 - QFuzz: Quantitative Fuzzing for Side Channels
- 2021 - Revizor: Fuzzing for Leaks in Black-box CPUs
- 2021 - Unleashing Fuzzing Through Comprehensive, Efficient, and Faithful Exploitable-Bug Exposing
- 2021 - Constraint-guided Directed Greybox Fuzzing
- 2021 - Test-Case Reduction and Deduplication Almost forFree with Transformation-Based Compiler Testing
- 2021 - RULF: Rust Library Fuzzing via API Dependency Graph Traversal
- 2021 - STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
- 2021 - PS-Fuzz: Efficient Graybox Firmware Fuzzing Based on Protocol State
- 2021 - MuDelta: Delta-Oriented Mutation Testing at Commit Time
- 2021 - CollabFuzz: A Framework for Collaborative Fuzzing
- 2021 - MUTAGEN: Faster Mutation-Based Random Testing
- 2021 - Inducing Subtle Mutations with Program Repair
- 2021 - Differential Analysis of X86-64 Instruction Decoders
- 2021 - On Introducing Automatic Test Case Generation in Practice: A Success Story and Lessons Learned
- 2021 - A Priority Based Path Searching Method for Improving Hybrid Fuzzing
- 2021 - IntelliGen: Automatic Driver Synthesis for Fuzz Testing
- 2021 - icLibFuzzer: Isolated-context libFuzzer for Improving Fuzzer Comparability
- 2021 - SN4KE: Practical Mutation Testing at Binary Level
- 2021 - One Engine to Fuzz ’em All: Generic Language Processor Testing with Semantic Validation
- 2021 - Growing A Test Corpus with Bonsai Fuzzing
- 2021 - Fuzzing Symbolic Expressions
- 2021 - JMPscare: Introspection for Binary-Only Fuzzing
- 2021 - An Improved Directed Grey-box Fuzzer
- 2021 - A Binary Protocol Fuzzing Method Based on SeqGAN
- 2021 - Refined Grey-Box Fuzzing with Sivo
- 2021 - PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization
- 2021 - MooFuzz: Many-Objective Optimization Seed Schedule for Fuzzer
- 2021 - CMFuzz: context-aware adaptive mutation for fuzzers
- 2021 - GTFuzz: Guard Token Directed Grey-Box Fuzzing
- 2021 - ProFuzzBench: A Benchmark for Stateful Protocol Fuzzing
- 2021 - SymQEMU:Compilation-based symbolic execution for binaries
- 2021 - CONCOLIC EXECUTION TAILORED FOR HYBRID FUZZING THESIS
- 2021 - Breaking Through Binaries: Compiler-quality Instrumentationfor Better Binary-only Fuzzing
- 2021 - AlphaFuzz: Evolutionary Mutation-based Fuzzing as Monte Carlo Tree Search
- 2020 - Fuzzing with Fast Failure Feedback
- 2020 - LAFuzz: Neural Network for Efficient Fuzzing
- 2020 - MaxAFL: Maximizing Code Coverage with a Gradient-Based Optimization Technique
- 2020 - Program State Abstraction for Feedback-Driven Fuzz Testing using Likely Invariants
- 2020 - PMFuzz: Test Case Generation for Persistent Memory Programs
- 2020 - FuSeBMC: A White-Box Fuzzer for Finding Security Vulnerabilities in C Programs
- 2020 - Integrity: Finding Integer Errors by Targeted Fuzzing
- 2020 - ConFuzz: Coverage-guided Property Fuzzing for Event-driven Programs
- 2020 - AFLTurbo: Speed up Path Discovery for Greybox Fuzzing
- 2020 - Fuzzing Channel-Based Concurrency Runtimes using Types and Effects
- 2020 - DeFuzz: Deep Learning Guided Directed Fuzzing
- 2020 - CrFuzz: Fuzzing Multi-purpose Programs through InputValidation
- 2020 - EPfuzzer: Improving Hybrid Fuzzing with Hardest-to-reach Branch Prioritization
- 2020 - Fuzzing Based on Function Importance by Attributed Call Graph
- 2020 - UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers
- 2020 - PathAFL: Path-Coverage Assisted Fuzzing
- 2020 - Path Sensitive Fuzzing for Native Applications
- 2020 - UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling
- 2020 - Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
- 2020 - SpecFuzz: Bringing Spectre-type vulnerabilities to the surface
- 2020 - Zeror: Speed Up Fuzzing with Coverage-sensitive Tracing and Scheduling
- 2020 - MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs
- 2020 - Evolutionary Grammar-Based Fuzzing
- 2020 - AFLpro: Direction sensitive fuzzing
- 2020 - CSI-Fuzz: Full-speed Edge Tracing Using Coverage Sensitive Instrumentation
- 2020 - Scalable Greybox Fuzzing for Effective Vulnerability Management DISS
- 2020 - HotFuzz Discovering Algorithmic Denial-of-Service Vulnerabilities through Guided Micro-Fuzzing
- 2020 - Fuzzing Binaries for Memory Safety Errors with QASan
- 2020 - Suzzer: A Vulnerability-Guided Fuzzer Based on Deep Learning
- 2020 - IJON: Exploring Deep State Spaces via Fuzzing
- 2020 - Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
- 2020 - AFLNET: A Greybox Fuzzer for Network Protocols
- 2020 - PANGOLIN: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction
- 2020 - UEFI Firmware Fuzzing with Simics Virtual Platform
- 2020 - Finding Security Vulnerabilities in Network Protocol Implementations
- 2020 - Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities
- 2020 - FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning
- 2020 - HyDiff: Hybrid Differential Software Analysis
- 2019 - Engineering a Better Fuzzer with SynergicallyIntegrated Optimizations
- 2019 - Superion: Grammar-Aware Greybox Fuzzing
- 2019 - ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery
- 2019 - Grimoire: Synthesizing Structure while Fuzzing
- 2019 - Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary
- 2019 - SAVIOR: Towards Bug-Driven Hybrid Testing
- 2019 - FUDGE: Fuzz Driver Generation at Scale
- 2019 - NAUTILUS: Fishing for Deep Bugs with Grammars
- 2019 - Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing
- 2019 - EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers
- 2018 - Fuzz Testing in Practice: Obstacles and Solutions
- 2018 - PAFL: Extend Fuzzing Optimizations of Single Mode to Industrial Parallel Mode
- 2018 - PTfuzz: Guided Fuzzing with Processor Trace Feedback
- 2018 - Angora: Efficient Fuzzing by Principled Search
- 2018 - FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage
- 2018 - NEUZZ: Efficient Fuzzing with Neural Program Smoothing
- 2018 - CollAFL: path Sensitive Fuzzing
- 2018 - Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing
- 2018 - QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
- 2018 - Coverage-based Greybox Fuzzing as Markov Chain
- 2018 - MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation
- 2018 - Singularity: Pattern Fuzzing for Worst Case Complexity
- 2018 - Smart Greybox Fuzzing
- 2018 - Hawkeye: Towards a Desired Directed Grey-box Fuzzer
- 2018 - PerfFuzz: Automatically Generating Pathological Inputs
- 2018 - FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage
- 2018 - Enhancing Memory Error Detection forLarge-Scale Applications and Fuzz Testing
- 2018 - T-Fuzz: fuzzing by program transformation
- 2017 - Evaluating and improving fault localization
- 2017 - IMF: Inferred Model-based Fuzzer
- 2017 - Synthesizing Program Input Grammars
- 2017 - Stateful Fuzzing of Wireless Device Drivers in an Emulated Environment
- 2017 - Steelix: Program-State Based Binary Fuzzing
- 2017 - Designing New Operating Primitives to ImproveFuzzing Performance
- 2017 - VUzzer: Application-aware Evolutionary Fuzzing
- 2017 - DIFUZE: Interface Aware Fuzzing for Kernel Drivers
- 2017 - Instruction Punning: Lightweight Instrumentation for x86-64
- 2017 - Designing New Operating Primitives to Improve Fuzzing Performance
- 2014 - A Large-Scale Analysis of the Security of Embedded Firmwares
- 2013 - Scheduling Black-box Mutational Fuzzing
- 2013 - Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations
- 2013 - RPFuzzer: A Framework for Discovering Router Protocols Vulnerabilities Based on Fuzzing
- 2011 - Offset-Aware Mutation based Fuzzing for Buffer Overflow Vulnerabilities: Few Preliminary Results
- 2010 - TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection
- 2009 - Taint-based Directed Whitebox Fuzzing
- 2009 - Dynamic Test Generation To Find Integer Bugs in x86 Binary Linux Programs
- 2008 - Grammar-based Whitebox Fuzzing
- 2008 - Vulnerability Analysis for X86 Executables Using Genetic Algorithm and Fuzzing
- 2008 - Fuzzing Wi-Fi Drivers to Locate Security Vulnerabilities
- 2008 - KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs
- 2008 - Automated Whitebox Fuzz Testing
- 2005 - DART: Directed Automated Random Testing
- 1994 - Dominators, Super Blocks, and Program Coverage
IoT fuzzing
- 2021 - Automatic Vulnerability Detection in Embedded Devices and Firmware: Survey and Layered Taxonomies
- 2021 - Fuzzing the Internet of Things: A Review on the Techniques and Challenges for Efficient Vulnerability Discovery in Embedded Systems
- 2020 - Verification of Embedded Software Binaries using Virtual Prototypes
- 2020 - μSBS: Static Binary Sanitization of Bare-metal Embedded Devices forFault Observability
- 2020 - Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation
- 2020 - Vulnerability Detection in SIoT Applications: A Fuzzing Method on their Binaries
- 2020 - FirmAE: Towards Large-Scale Emulation of IoT Firmware forDynamic Analysis
- 2020 - FIRMNANO: Toward IoT Firmware Fuzzing Through Augmented Virtual Execution
- 2020 - ARM-AFL: Coverage-Guided Fuzzing Framework for ARM-Based IoT Devices
- 2020 - Bug detection in embedded environments by fuzzing and symbolic execution
- 2020 - FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware
- 2020 - EM-Fuzz: Augmented Firmware Fuzzing via Memory Checking
- 2020 - Verification of Embedded Binaries using Coverage-guided Fuzzing with System C-based Virtual Prototypes
- 2020 - DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis
- 2020 - Fw‐fuzz: A code coverage‐guided fuzzing framework for network protocols on firmware
- 2020 - TAINT-DRIVEN FIRMWARE FUZZING OF EMBEDDED SYSTEMS THESIS
- 2020 - A Dynamic Instrumentation Technology for IoT Devices
- 2020 - Vulcan: a state-aware fuzzing tool for wear OS ecosystem
- 2020 - A Novel Concolic Execution Approach on Embedded Device
- 2020 - HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations
- 2020 - FIRMCORN: Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution
- 2018 - IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing
- 2017 - Towards Automated Dynamic Analysis for Linux-based Embedded Firmware
- 2016 - Scalable Graph-based Bug Search for Firmware Images
- 2015 - SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems
- 2015 - Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
- 2014 - A Large-Scale Analysis of the Security of Embedded Firmwares
- 2013 - RPFuzzer: A Framework for Discovering Router Protocols Vulnerabilities Based on Fuzzing
Emulation
- 2021 - Automatic Firmware Emulation through Invalidity-guided Knowledge Inference(Extended Version)
- 2021 - Firmware Re-hosting Through Static Binary-level Porting
- 2021 - Jetset: Targeted Firmware Rehosting for Embedded Systems
- 2021 - Automatic Firmware Emulation through Invalidity-guided Knowledge Inference
Kernel fuzzing
- 2021 - SyzVegas: Beating Kernel Fuzzing Odds with Reinforcement Learning
- 2021 - NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis
- 2021 - Undo Workarounds for Kernel Bugs
- 2020 - A Hybrid Interface Recovery Method for Android Kernels Fuzzing
- 2020 - FINDING RACE CONDITIONS IN KERNELS:FROM FUZZING TO SYMBOLIC EXECUTION - THESIS
- 2020 - Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints
- 2020 - X-AFL: a kernel fuzzer combining passive and active fuzzing
- 2020 - Identification of Kernel Memory Corruption Using Kernel Memory Secret Observation Mechanism
- 2020 - HFL: Hybrid Fuzzing on the Linux Kernel
- 2020 - Realistic Error Injection for System Calls
- 2020 - KRACE: Data Race Fuzzing for Kernel File Systems
- 2020 - USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation
- 2019 - Fuzzing File Systems via Two-Dimensional Input Space Exploration
- 2019 - Razzer: Finding Kernel Race Bugs through Fuzzing
- 2019 - Unicorefuzz: On the Viability of Emulation for Kernel space Fuzzing
- 2017 - Stateful Fuzzing of Wireless Device Drivers in an Emulated Environment
- 2017 - DIFUZE: Interface Aware Fuzzing for Kernel Drivers
- 2008 - Fuzzing Wi-Fi Drivers to Locate Security Vulnerabilities
Format specific fuzzing
- 2020 - NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types
- 2020 - Tree2tree Structural Language Modeling for Compiler Fuzzing
- 2020 - Detecting Critical Bugs in SMT Solvers Using Blackbox Mutational Fuzzing
- 2020 - JS Engine - Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer
- 2020 - JS Engine - Fuzzing JavaScript Engines with Aspect-preserving Mutation
- 2020 - CUDA Compiler - CUDAsmith: A Fuzzer for CUDA Compilers
- 2020 - Smart Contracts - sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts
- 2019 - Compiler Fuzzing: How Much Does It Matter?
- 2019 - Smart Contracts - Harvey: A Greybox Fuzzer for Smart Contracts
- 2017 - XML - Skyfire: Data-Driven Seed Generation for Fuzzing
Exploitation
- 2021 - V0Finder: Discovering the Correct Origin of Publicly Reported Software Vulnerabilities
- 2021 - Identifying Valuable Pointers in Heap Data
- 2021 - OCTOPOCS: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept
- 2021 - Characterizing Vulnerabilities in a Major Linux Distribution
- 2021 - MAZE: Towards Automated Heap Feng Shui
- 2021 - Vulnerability Detection in C/C++ Source Code With Graph Representation Learning
- 2021 - mallotROPism: a metamorphic engine for malicious software variation development
- 2020 - Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
- 2020 - Shadow-Heap: Preventing Heap-based Memory Corruptions by Metadata Validation
- 2020 - Practical Fine-Grained Binary Code Randomization
- 2020 - Tiny-CFA: Minimalistic Control-Flow Attestation UsingVerified Proofs of Execution
- 2020 - Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters - PHD THESIS
- 2020 - ABCFI: Fast and Lightweight Fine-Grained Hardware-Assisted Control-Flow Integrity
- 2020 - HeapExpo: Pinpointing Promoted Pointers to Prevent Use-After-Free Vulnerabilities
- 2020 - Localizing Patch Points From One Exploit
- 2020 - Speculative Dereferencing of Registers: Reviving Foreshadow
- 2020 - HAEPG: An Automatic Multi-hop Exploitation Generation Framework
- 2020 - Exploiting More Binaries by Using Planning to Assemble ROP Exploiting More Binaries by Using Planning to Assemble ROP Attacks Attacks
- 2020 - ROPminer: Learning-Based Static Detection of ROP Chain Considering Linkability of ROP Gadgets
- 2020 - KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
- 2020 - Preventing Return Oriented Programming Attacks By Preventing Return Instruction Pointer Overwrites
- 2020 - KASLR: Break It, Fix It, Repeat
- 2020 - ShadowGuard : Optimizing the Policy and Mechanism of Shadow Stack Instrumentation using Binary Static Analysis
- 2020 - VulHunter: An Automated Vulnerability Detection System Based on Deep Learning and Bytecode
- 2020 - Analysis and Evaluation of ROPInjector
- 2020 - API Misuse Detection in C Programs: Practice on SSL APIs
- 2020 - KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
- 2020 - Egalito: Layout-Agnostic Binary Recompilation
- 2020 - Verifying Software Vulnerabilities in IoT Cryptographic Protocols
- 2020 - μRAI: Securing Embedded Systems with Return Address Integrity
- 2020 - Preventing Return Oriented Programming Attacks By Preventing Return Instruction Pointer Overwrites
- 2019 - Kernel Protection Against Just-In-Time Code Reuse
- 2019 - Kernel Exploitation Via Uninitialized Stack
- 2019 - KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
- 2019 - SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
- 2018 - HeapHopper: Bringing Bounded Model Checkingto Heap Implementation Security
- 2018 - K-Miner: Uncovering Memory Corruption in Linux
- 2017 - HAIT: Heap Analyzer with Input Tracing
- 2017 - DROP THE ROP: Fine-grained Control-flow Integrity for the Linux Kernel
- 2017 - kR^X: Comprehensive Kernel Protection against Just-In-Time Code Reuse
- 2017 - Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying
- 2017 - Towards Automated Dynamic Analysis for Linux-based Embedded Firmware
- 2016 - Scalable Graph-based Bug Search for Firmware Images
- 2015 - Cross-Architecture Bug Search in Binary Executables
- 2015 - SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems
- 2015 - From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel
- 2015 - PIE: Parser Identification in Embedded Systems
- 2014 - ret2dir: Rethinking Kernel Isolation
- 2014 - Make It Work, Make It Right, Make It Fast: Building a Platform-Neutral Whole-System Dynamic Binary Analysis Platform
- 2012 - Anatomy of a Remote Kernel Exploit
- 2012 - A Heap of Trouble: Breaking the LinuxKernel SLOB Allocator
- 2011 - Linux kernel vulnerabilities: state-of-the-art defenses and open problems
- 2011 - Protecting the Core: Kernel Exploitation Mitigations
- 2015 - From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel
- 2014 - ret2dir: Rethinking Kernel Isolation
- 2012 - Anatomy of a Remote Kernel Exploit
- 2012 - A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator
- 2011 - Linux kernel vulnerabilities: state-of-the-art defenses and open problems
- 2011 - Protecting the Core: Kernel Exploitation Mitigations
Static Binary Analysis
- 2021 - VIVA: Binary Level Vulnerability Identification via Partial Signature
- 2021 - Overview of the advantages and disadvantages of static code analysis tools
- 2021 - Multi-Level Cross-Architecture Binary Code Similarity Metric
- 2020 - VulDetector: Detecting Vulnerabilities using Weighted Feature Graph Comparison
- 2020 - DEEPBINDIFF: Learning Program-Wide Code Representations for Binary Diffing
- 2020 - BinDeep: A Deep Learning Approach to Binary Code Similarity Detection
- 2020 - Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned
- 2020 - iDEA: Static Analysis on the Security of Apple Kernel Drivers
- 2020 - HART: Hardware-Assisted Kernel Module Tracing on Arm
- 2020 - AN APPROACH TO COMPARING CONTROL FLOW GRAPHS BASED ON BASIC BLOCK MATCHING
- 2020 - How Far We Have Come: Testing Decompilation Correctness of C Decompilers
- 2020 - Dynamic Binary Lifting and Recompilation DISS
- 2020 - Similarity Based Binary Backdoor Detection via Attributed Control Flow Graph
- 2020 - IoTSIT: A Static Instrumentation Tool for IoT Devices
- 2019 - Code Similarity Detection using AST and Textual Information
- 2018 - CodEX: Source Code Plagiarism DetectionBased on Abstract Syntax Trees
- 2017 - rev.ng: a unified binary analysis framework to recover CFGs and function boundaries
- 2017 - Angr: The Next Generation of Binary Analysis
- 2016 - Binary code is not easy
- 2015 - Cross-Architecture Bug Search in Binary Executables
- 2014 - A platform for secure static binary instrumentation
- 2013 - MIL: A language to build program analysis tools through static binary instrumentation
- 2013 - Binary Code Analysis
- 2013 - A compiler-level intermediate representation based binary analysis and rewriting system
- 2013 - Protocol reverse engineering through dynamic and static binary analysis
- 2013 - BinaryPig: Scalable Static Binary Analysis Over Hadoop
- 2011 - BAP: A Binary Analysis Platform
- 2009 - Syntax tree fingerprinting for source code similarity detection
- 2008 - BitBlaze: A New Approach to Computer Security via Binary Analysis
- 2005 - Practical analysis of stripped binary code
- 2004 - Detecting kernel-level rootkits through binary analysis
Misc
- 2021 - UAFSan: an object-identifier-based dynamic approach for detecting use-after-free vulnerabilities
- 2021 - SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning
- 2021 - LLSC: A Parallel Symbolic Execution Compiler for LLVM IR
- 2021 - FuzzSplore: Visualizing Feedback-Driven Fuzzing Techniques
- 2020 - Memory Error Detection Based on Dynamic Binary Translation
- 2020 - Sydr: Cutting Edge Dynamic Symbolic Execution
- 2020 - DrPin: A dynamic binary instumentator for multiple processor architectures
- 2020 - MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures
- 2020 - Collecting Vulnerable Source Code from Open-Source Repositories for Dataset Generation
- 2020 - LEOPARD: Identifying Vulnerable Code for Vulnerability Assessment through Program Metrics
- 2020 - Dynamic Program Analysis Tools in GCC and CLANG Compilers
- 2020 - On Using k-means Clustering for Test Suite Reduction
- 2020 - Optimizing the Parameters of an Evolutionary Algorithm for Fuzzing and Test Data Generation
- 2020 - Inputs from Hell: Learning Input Distributions for Grammar-Based Test Generation
- 2020 - IdSan: An identity-based memory sanitizer for fuzzing binaries
- 2020 - An experimental study oncombining automated andstochastic test data generation - MASTER THESIS
- 2020 - FuzzGen: Automatic Fuzzer Generation
- 2020 - Fuzzing: On the Exponential Cost of Vulnerability Discovery
- 2020 - Poster: Debugging Inputs
- 2020 - API Misuse Detection in C Programs: Practice on SSL APIs
- 2020 - Egalito: Layout-Agnostic Binary Recompilation
- 2020 - Verifying Software Vulnerabilities in IoT Cryptographic Protocols
- 2020 - μRAI: Securing Embedded Systems with Return Address Integrity
- 2020 - Fast Bit-Vector Satisfiability
- 2020 - MARDU: Efficient and Scalable Code Re-randomization
- 2020 - Towards formal verification of IoT protocols: A Review
- 2020 - Automating the fuzzing triage process
- 2020 - COMPARING AFL SCALABILITY IN VIRTUAL-AND NATIVE ENVIRONMENT
- 2020 - SYMBION: Interleaving Symbolic with Concrete Execution
- 2020 - Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
- 2019 - Toward the Analysis of Embedded Firmware through Automated Re-hosting
- 2019 - FUZZIFICATION: Anti-Fuzzing Techniques
- 2018 - VulinOSS: A Dataset of Security Vulnerabilities in Open-source Systems
- 2018 - HDDr: A Recursive Variantof the Hierarchical Delta Debugging Algorithm
- 2017 - Coarse Hierarchical Delta Debugging
- 2017 - VUDDY: A Scalable Approach for Vulnerable CodeClone Discovery
- 2017 - Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts
- 2017 - Synthesizing Program Input Grammars
- 2017 - Designing New Operating Primitives to Improve Fuzzing Performance
- 2017 - Instruction Punning: Lightweight Instrumentation for x86-64
- 2016 - Modernizing Hierarchical Delta Debugging
- 2016 - VulPecker: An Automated Vulnerability Detection SystemBased on Code Similarity Analysis
- 2016 - CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump
- 2016 - RETracer: Triaging Crashes by Reverse Execution fromPartial Memory Dumps
- 2015 - PIE: Parser Identification in Embedded Systems
- 2010 - Iterative Delta Debugging
- 2009 - Dynamic Test Generation To Find Integer Bugs in x86 Binary Linux Programs
- 2006 - HDD: Hierarchical Delta Debugging
Surveys, SoKs, and Studies
- 2021 - A Systematic Review of Network Protocol Fuzzing Techniques
- 2021 - Vulnerability Detection is Just the Beginning
- 2021 - Evaluating Synthetic Bugs
- 2020 - A Practical, Principled Measure of Fuzzer Appeal:A Preliminary Study
- 2020 - A Systemic Review of Kernel Fuzzing
- 2020 - A Survey of Hybrid Fuzzing based on Symbolic Execution
- 2020 - A Study on Using Code Coverage Information Extracted from Binary to Guide Fuzzing
- 2020 - Study of Security Flaws in the Linux Kernel by Fuzzing
- 2020 - Dynamic vulnerability detection approaches and tools: State of the Art
- 2020 - Fuzzing: Challenges and Reflections
- 2020 - The Relevance of Classic Fuzz Testing: Have We Solved This One?
- 2020 - A Practical, Principled Measure of Fuzzer Appeal:A Preliminary Study
- 2020 - SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly But Were Afraid to Ask
- 2020 - A Quantitative Comparison of Coverage-Based Greybox Fuzzers
- 2020 - A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices
- 2020 - A systematic review of fuzzing based on machine learning techniques
- 2019 - A Survey of Binary Code Similarity
- 2019 - The Art, Science, and Engineering of Fuzzing: A Survey
- 2012 - Regression testingminimization, selection and prioritization: a survey
sambacha